Hello,
an beta stage advertising system which i do not trust want me to add to my page this:
define(‘XY_USER’, ‘dg6z247h5hj8d9s7gh3l2.54lo5f’);
require_once($_SERVER[‘DOCUMENT_ROOT’].‘/’.XY_USER.‘/script.php’);
$xy = new SeolinkClient();
echo $xy->return_links();
I want to ask what malicious things they can do if later they add some malicious code into their .php ?
Can they read my mysql credentials, even hosting account password or somehow harm my site visitors?
Thank you